.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
Privacy Rights for Your Mind
Hello all, and thanks for reading today.
Read Now
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
Hello all, and happy Thursday!
This week, I wanted to call attention to Mozilla’s new annual report they’re calling the Creep-O-Meter. In essence, the report analyzes historical data on consumer tech collected by Mozilla to determine the state of consumer digital privacy (spoilers: the findings were not great for consumers).
While there’s plenty to talk about regarding the report’s contents, what stood out to me is how this report demonstrates the impact of data privacy on business brands.
It should come as no surprise that a data privacy platform like Osano cares about data privacy—and we think a lot about what makes other companies care about data privacy too. Obviously, nobody wants to get fined. Businesses would rather obey the law than violate it. It’s the ethical thing to do. But I think people also underestimate the power that data privacy has on their organization’s brand.
For Mozilla and other tech companies, respecting data privacy is very much a brand value (even if their actual data privacy practices don’t always align with that value).
These companies collect huge amounts of personal data, and they enable other companies to collect and process data in turn. Data and data privacy are core to the service they provide. Other businesses might say that’s all well and good for the Mozillas and Apples of the world, but they haven’t chosen to make data privacy part of their brand.
The interesting thing this report highlights is that not choosing data privacy is also a brand value.
Consider some of the major offenders identified in this report. They’re certainly not thrilled at being called out as being lax on data privacy. Those companies likely haven’t had a conversation about whether or not data privacy matters for their brand. And yet, reports like this one prove that others will consider your brand through the lens of data privacy, whether your brand book has a page dedicated to data privacy or not.
Best,
Arlo
Top Privacy Stories of the Week
Irish Data Protection Commission Publishes Subject Rights Case Study Compilation
Covering the first five years of the GDPR, this compilation examines 126 cases of subject rights requests and the lessons learned in how organizations have responded.
California Expands Definition of “Sensitive Personal Information”
The “sensitive personal information” category is associated with additional requirements under the CPRA, and the signing of Assembly Bill 947 just expanded its definition. Now, “citizenship” and “immigration status” are considered to be sensitive personal information.
France Publishes Guidance on GDPR-Compatible AI Usage
In a continued effort to appropriately regulate AI, the French data protection authority has issued guidance on what constitutes appropriate data practices for AI within the context of the GDPR. Notably, the guidance acknowledges the extended retention periods that may be appropriate for AI, given the need to train models on large databases.
Debt Collection Company Announces It Will Challenge a Recent GDPR Penalty
Debt collector EOS Matrix said it will challenge a U.S. $5.8 million GDPR penalty levied against it by the Croatian data protection authority after finding the data in question in the case does not match the data in its database.
Maine Lawmakers to Review Host of Data Privacy Bills
A subset of Maine lawmakers will begin work next week on a series of online privacy bills, notably a measure that seeks to create a new Data and Privacy Protection Act. If the measure is successful, it could mark the start of Maine’s legislative journey toward joining the 12 other U.S. states that currently possess a data privacy regulation.
Mozilla Release Annual Creep-O-Meter Report
Mozilla has released its first annual Creep-O-Meter Report, intended to assess the state of digital privacy in consumer tech. Overall, its conclusions were fairly poor. Highlighted findings include: 40% of the mental health apps reviewed have gotten worse on privacy and security since 2022; 100% of cars reviewed by Mozilla failed to meet its privacy and security standards; and more.
Osano Blog: Understanding the Digital Personal Data Protection Act (DPDPA)
With 1.4 billion people now protected by data privacy rights they previously lacked; businesses interested in serving the Indian market will need to become familiar with the Digital Personal Data Protection Act (DPDPA). In this blog, we’ll break down all the basics of the DPDPA—what’s unique about the law, what rights it confers to individuals and responsibilities it gives businesses, and more.
If you’re interested in working at Osano, check out our Careers page!